package com.eurobcoin.controller;

import javax.validation.Valid;

import org.apache.ibatis.session.SqlSession;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

import com.eurobcoin.filipides.model.LoginForm;
import com.eurobcoin.helper.PasswdHelper;
import com.eurobcoin.manager.DAOManager;
import com.eurobcoin.user.UserManager;
import com.eurobcoin.user.UserModel;
import com.eurobcoin.user.UserSession;

@Controller
@RequestMapping("/")
public class LoginController {

	private static final String LOGIN_VIEW = "login";
	
	private static final String INDEX_REDIRECT = "redirect:/index.html";

	@Autowired
	private DAOManager daoManager;
	
	@Autowired
	private UserManager userManager;
	
	@Autowired
	private UserSession user;
	
	@ModelAttribute("loginForm")
	public LoginForm getLoginForm() {
		return new LoginForm();
	}
	
	@ModelAttribute("user")
	public UserSession getUserSession() {
		return this.user;
	}
	
	@RequestMapping(value="/login.html", method=RequestMethod.GET)
	public ModelAndView showLogin() throws Exception {
		
		ModelAndView ret = new ModelAndView(LOGIN_VIEW);
		
		return ret;
		
	}
	
	@RequestMapping(value="/logout.html", method=RequestMethod.GET)
	public ModelAndView doLogout() throws Exception {
		
		ModelAndView ret = new ModelAndView(INDEX_REDIRECT);
		
		this.user.setAuthenticated(false);
		this.user.reset();
		
		return ret;
		
	}
	
	@RequestMapping(value="/do_login.html", method=RequestMethod.POST)
	public ModelAndView doLogin(
			@Valid @ModelAttribute LoginForm loginForm) throws Exception {
		
		ModelAndView ret = null;
		
		SqlSession sqlSession = this.daoManager.openSession();
		
		boolean emailLogin = this.isLoginEmail(loginForm.getLogin());
		
		UserModel userModel = null;
		
		if(emailLogin) {
			userModel = this.userManager.getUserByEmail(sqlSession, loginForm.getLogin());
		} else {
			userModel = this.userManager.getUserByUsername(sqlSession, loginForm.getLogin());
		}
		
		if(userModel != null) {
			String salt = userModel.getSalt();
			String password = salt + loginForm.getPassword() + salt;
			String hashedPassword = PasswdHelper.getSHA512Hash(password);
			
			if(hashedPassword.equals(userModel.getPassword()) && userModel.isEmailConfirmed()) {
				
				BeanUtils.copyProperties(userModel, this.user.getUserModel());
				
				this.user.setAuthenticated(true);
				
				ret = new ModelAndView(INDEX_REDIRECT);
				
			} else {
				
				loginForm.setError(true);
				loginForm.setErrorMsg("Usuario y/o contraseña incorrectos.");
				
				ret = new ModelAndView(LOGIN_VIEW);
				
			}
		} else {
			
			loginForm.setError(true);
			loginForm.setErrorMsg("Usuario y/o contraseña incorrectos.");
			
			ret = new ModelAndView(LOGIN_VIEW);
			
		}
		
		sqlSession.close();
		
		return ret;
	}
	
	private boolean isLoginEmail(String login) {
		
		boolean ret = false;
		
		if(login.indexOf("@") != -1)
			ret = true;
		
		return ret;
	}
	
}
